import os
from pathlib import Path

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent

# 媒体文件的 URL 和存储路径
MEDIA_URL = '/media/'  # 媒体文件的 URL 前缀
MEDIA_ROOT = os.path.join(BASE_DIR, 'media')  # 媒体文件的存储根目录

# 静态文件的 URL 和存储路径
STATIC_URL = '/static/'  # 静态文件的 URL 前缀
STATIC_ROOT = os.path.join(BASE_DIR, 'static')  # 静态文件的存储根目录

# 开发环境中的额外静态文件目录
STATICFILES_DIRS = [
    os.path.join(BASE_DIR, 'assets'),  # 额外静态文件目录，可选
]

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/5.1/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'django-insecure-ovhp=(xtg6s%1yx!(fxl5ku7qxx03*&97a9n!^&l#%0@82wh+$'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = ['*']  # 允许所有主机访问，仅在开发环境使用

# Application definition

INSTALLED_APPS = [
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'corsheaders',
    'spark',  # 自定义应用
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'corsheaders.middleware.CorsMiddleware',  # CORS 中间件
    # 'django.middleware.csrf.CsrfViewMiddleware',  # 可选：禁用 CSRF 检查
    # 'django.contrib.auth.middleware.AuthenticationMiddleware',
    # 'django.contrib.messages.middleware.MessageMiddleware',
    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

# 跨域配置
CORS_ALLOW_CREDENTIALS = True  # 允许携带 Cookie
CORS_ALLOWED_ORIGINS = [
    "http://localhost:5173",  # 前端地址
]
CORS_ORIGIN_ALLOW_ALL = True  # 允许所有来源，仅在开发环境中使用

ROOT_URLCONF = 'DjangoSpark.urls'

WSGI_APPLICATION = 'DjangoSpark.wsgi.application'

# Database
# https://docs.djangoproject.com/en/5.1/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',  # 使用 SQLite 数据库
        'NAME': BASE_DIR / 'db.sqlite3',
    }
}

# 时间和语言配置
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_TZ = True

# 默认主键字段类型
# https://docs.djangoproject.com/en/5.1/ref/settings/#default-auto-field

DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

# settings.py
REST_FRAMEWORK = {
    'DEFAULT_RENDERER_CLASSES': (
        'rest_framework.renderers.JSONRenderer',  # 强制返回 JSON 响应
    ),
}

# 日志配置（可选，用于调试）
LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': {
        'console': {
            'class': 'logging.StreamHandler',
        },
    },
    'root': {
        'handlers': ['console'],
        'level': 'DEBUG',
    },
}

# settings.py
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.your-email-provider.com'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
EMAIL_HOST_USER = 'your-email@example.com'
EMAIL_HOST_PASSWORD = 'your-email-password'

# 使用 Redis 作为 broker（这里假设 Redis 在本地运行，数据库 0）
CELERY_BROKER_URL = 'redis://localhost:6379/0'
# 如果需要，可以配置结果后端，通常也用 Redis
CELERY_RESULT_BACKEND = 'db+sqlite:////Users/jm/PycharmProjects/DjangoSpark/db.sqlite3'


# 生产环境建议添加安全相关设置
if not DEBUG:
    SECURE_BROWSER_XSS_FILTER = True
    SECURE_CONTENT_TYPE_NOSNIFF = True
    X_FRAME_OPTIONS = 'DENY'